> I am trying to configure ProFTPd 1.2.10 on CentOS 4.4 so that it will
> authenticate using pam_ldap with an alternate configuration file via
> config=/etc/ldap-ftp.conf so that I can set a different base dn than
> that used by the Unix logins. But despite whatever combinations I have
> tried (and I've tried scores) it appears to still always use the base dn
> in /etc/ldap.conf.

This is really more of a question for the pam_ldap mailing list, rather
than proftpd.

> * Note - for testing purposes, I put a non-existent file name in the
> AuthPAMConfig directive and ProFTPd never complains about it.

ProFTPD itself has no knowledge of allowed/bad PAM service names. The
mod_auth_pam module uses the configured PAM service name only at login
time; the PAM API does not have a way for mod_auth_pam to check, before
then, if a given PAM service name is valid or not.

> Of course debug isn't supported for pam_ldap so that's no help.
> And I cannot use mod_ldap as shadowAccount expiry isn't supported. Any
> pointers on resolving this or at least how to get better debug info?

Can you check your system's syslog (/var/log/messages, or /var/log/auth,
/var/log/secure, etc) files to see if pam_ldap logs anything useful there?


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Our eyes are holden such that we cannot see things that stare us in the face,
until the hour arrives when the mind is ripened, then we behold them, and
the time when we saw them not is like a dream.

-Ralph Waldo Emerson

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
ProFTPD Users List
Unsubscribe problems?